Unix: update caddyfile revproxy

src/content/unix/reverse-proxy.md

@@ -4,8 +4,6 @@ description: 'Reverse Proxies and SDWAN'
 updateDate: 'Apr 21 2024'
 ---
 
-# Bypassing Network Lockdowns
-
 I manage the network infrastructure for a [robotics club](https://arvp.org) on
 campus. Unfortunately, the campus network has been heavily locked down for
 security. It takes years to get Information Services and Technology (IST) to
@@ -336,3 +334,56 @@ and update the `remote_addr`:
 [client]
 remote_addr = "mycomputer.example.com:9001"
 ```
+
+## Multiple Services
+
+Unless you have a lot of funds, you'll likely only have one server running.
+However, you may want several "services" running on this one server. This is
+especially an issue when it comes to websites, as browsers request to port 80 or
+443 (http**s**) on the given IP.
+
+Luckily, when a website is requested, he header of that request includes the
+domain name that request is going to. For example, I might have `example1.com`
+and `example2.com` pointing to the exact same IP address. However, the server
+will be able to see if the request is coming for `example1.com` or
+`example2.com` and choose to serve different content.
+
+Nginx is the typical way to do this, but
+[Caddy](https://github.com/caddyserver/caddy) is much easier to get running. It
+almost provides extremely simple Let's Encrypt integration for free https.
+
+Here's a very basic Caddyfile we use at arvp:
+
+```js
+git.mami2.moe {
+	reverse_proxy localhost:9123
+}
+
+woodpecker.mami2.moe {
+	reverse_proxy localhost:9027
+}
+
+jupyter.mami2.moe {
+	reverse_proxy localhost:9025
+}
+
+# This one keeps a log of connections
+cvat.mami2.moe {
+	reverse_proxy localhost:9026
+	log {
+		output file /root/cvat.mami2.moe.caddy.log {
+			roll_size 1gb
+			roll_keep 5
+			roll_keep_for 720h
+		}
+	}
+}
+
+# This one uses basic password protection, provided by caddy
+llama.mami2.moe {
+	basicauth * {
+		arvp $2y$03$BekY89f5/9s.oxtrGntlk23j4kl32jlk;23jl4j32l;23j4l32kY.
+	}
+	reverse_proxy localhost:9030
+}
+```